| 摘要 |
The invention relates to a method for bootstrapping a local authorizer (42) of a non-public access network (12). The local authorizer (42) is arranged for granting access for a client device (20) to the non-public access network (12). Therefore, the local authorizer (42) comprises a credentials database (44), which is used in authentication and authorization of the client device (20) during access to services or resources of the non-public network (12). A secret knowledge of the client device (20) is used for generating at least one set of credentials. The bootstrapping method comprises the step of uploading the at least one set of credentials to the credentials database (44) of the local authorizer (42). This upload is done by the client device (20) at least at first access of the client device (20) to the non-public network (12). Then the credentials in the credentials database (44) are used for authentication and authorization of the client device (20) during access to the non-public access network (12). Thus, the invention provides for a localized authorization bootstrap, wherein the client device (20) uses its knowledge of a secret, e.g. a certain algorithm, to generate a limited set of credentials and their respective check values. These sets of credentials are uploaded to the local authorizer (42) of the private non-public network (12). Thus, the client device (20) can advantageously reuse the public protocol for localized access, i.e. it can use the same protocol and algorithm with a network, which is configured to propagate requests to the local authorizer (42). Advantageously, an authentication and authorization protocol adapted according to the method of the invention allows a client to reuse the authorization protocol of a public access network for controlling its own resources. |
